When We Wage Cyberwar, the Whole Web Suffers

April 26 (Bloomberg) -- Responding to concerns voiced by
privacy advocates, conservative groups and hundreds of thousands
of Americans, the House Intelligence Committee has revised parts
of the Cyber Intelligence Sharing and Protection Act, also known
as CISPA.

Those provisions would have allowed companies to disclose
sensitive information to the government without being
accountable to U.S. privacy laws. There will be more amendments
offered when the bill reaches the House floor, probably Thursday
or Friday.

But the real problem with CISPA and similar bills now
pending in the Senate (one introduced by Connecticut independent
Joe Lieberman gives broad spying powers to Homeland Security;
one introduced by Arizona Republican John McCain gives broad
spying powers to the Defense Department) is much deeper: This
flurry of legislation signals that elements of our government
want to wage unconstrained war on other nations in cyberspace,
no matter what the consequences may be to humanity. The arms
race being driven by this desire is threatening Internet freedom
here and abroad.

In 2009, Defense Secretary Robert Gates designated
cyberspace as the “fifth domain” for military action. Deputy
Defense Secretary William Lynn said in 2010, “Like air, sea,
land and space, we’re going to have to treat cyberspace as an
arena where we need to defend our networks and to be able to
operate freely.” The U.S. Cyber Command is up and running,
enabling cyber “offensive capabilities” for regional commanders.
In January, Congress approved the Pentagon’s ability to wage
cyberwar.

As terrestrial wars wind down, military contractors are
looking for new revenue streams. They have become cyberwar
doomsayers, banging the drums of fear and claiming that
cybersecurity must be our highest priority. They are also buying
tools and code that our government can use to attack other
countries online.

The result: a market for so-called zero day exploits --
computer threats that attack vulnerabilities in an online
application before the developer knows to fix them -- with ever-rising prices. Terrorists probably don’t have the capacity to
buy and wield these things, but governments do.

Along with this market comes a substantial risk that some
of the nasty code whose creation we’ve encouraged will splatter
back on our networks. Like all arms races, this vicious cycle
provides its own justification: Malicious exploits are out there
-- our government is buying them -- and so we need to wall off
and surveil U.S. networks to protect ourselves.

The dangers of this digital special-ops saber-rattling are
breathtaking. Secretary of State Hillary Clinton has been
valiantly advocating for Internet freedom, strategic
multilateralism, engagement and “smart power” around the world.
The White House has said its objective is to work with other
nations to “encourage responsible behavior and oppose those who
would seek to disrupt networks and systems.”

Purveyors of cyberfear are going in the opposite direction.
They are not interested in engaging with other countries to come
up with codes of online conduct or to translate the Geneva
Conventions for cyberspace -- so as to avoid collateral damage
and protect hospitals, electrical grids, and so on. They want to
be able to change ones to zeros on servers around the globe,
whatever that means for speech and commerce at home and
worldwide.

Given the undeniable benefits that the open global Internet
has brought to the U.S., building moats around our networks and
subjecting them to constant, unaccountable audits and other
restraints -- all in the service of an immense online
warfighting machine staffed by military contractors -- would be
burning the village in order to save it. It cannot be that we
have lost our national ability to think creatively, expand our
policy options and engage with other nations to introduce the
constraints of the laws of war into online settings. In space,
we’re pursuing an international code of conduct that will govern
acceptable behavior. We need to translate those norms to
cyberspace.

Our openness has always carried some risks to the U.S. We
can be attacked. We should always prefer principled engagement -
- even with our enemies -- to bellicosity driven by fear,
particularly when our own citizens will otherwise be deeply
harmed. We don’t have enough guns to direct at everyone around
the world. We might as well communicate.

(Susan P. Crawford is a Bloomberg View columnist and a
visiting professor at the Harvard Kennedy School of Government
and Harvard Law School. She is a former special assistant to
President Barack Obama for science, technology and innovation
policy. The opinions expressed are her own.)

Read more opinion online from Bloomberg View.

Today’s highlights: the View editors on saving Social Security
and dealing with China; Noah Feldman on Arizona immigration
arguments; Caroline Baum on the fiscal future; Ezra Klein on
money and politics; Steven Neil Kaplan on inequality and
unemployment; Jared Diamond on the roots of Japan’s economic
malaise.